최신 SPLK-2003 무료덤프 - Splunk Phantom Certified Admin

문제1

Which of the following is a reason to create a new role in SOAR?

A. To define a set of users who have access to an event's reports.

B. To define a set of users who have access to a sensitive tag.

C. To define a set of users who have access to a special label.

D. To define a set of users who have access to a restricted app.

정답: D

문제2

Which of the following queries would return all artifacts that contain a SHA1 file hash?

A. https://<PHANTOM_URL>/rest/artifact?_filter_cef_md5_insull=false

B. https://<PHANTOM_URL>/rest/artifact?_filter_shal__insull=False

C. https://<PHANTOM_URL>/rest/artifact?_filter_cef_Shal_contains=""

D. https://<PHANTOM_URL>/rest/artifact?_filter_cef_shal_insull=False

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Which of the following applies to filter blocks?

A. Can select assets by tenant, approver, or app.

B. Can select containers by seventy or status.

C. Can select which blocks have access to container data.

D. Can be used to select data for use by other blocks.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

When is using decision blocks most useful?

A. When selecting one (or zero) possible paths in the playbook.

B. When modifying downstream data hi one or more paths in the playbook.

C. When evaluating complex, multi-value results or artifacts.

D. When processing different data in parallel.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

On the Splunk search head, when configuring the app to search SOAR searchable content, what are the two requirements to complete the app setup?

A. User accounts and universal forwarder.

B. User accounts and REST API.

C. User accounts and syslog.

D. User accounts and an HTTP Event Collector token.

정답: B

문제6

Playbooks typically handle which types of data?

A. Container CEF data, Artifact data, Result data, List data

B. Container data, Artifact CEF data, Result data, List data

C. Container data, Artifact data, Result data, Threat data

D. Container data, Artifact CEF data, Result data, Threat data

정답: B

문제7

What is the primary objective of using the I2A2 playbook design methodology?

A. To create playbooks that customers will not edit.

B. To create detailed playbooks.

C. To meet customer requirements using a single playbook.

D. To create simple, reusable, modular playbooks.

정답: D

문제8

What values can be applied when creating Custom CEF field?

A. Name, Data Type, Severity

B. Name

C. Name, Data Type

D. Name, Value

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which of the following is an asset ingestion setting in SOAR?

A. Operating system

B. Tag

C. File format

D. Polling Interval

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which Splunk search command is used to send a notable event to SOAR?

A. param.phantom

B. sendevent

C. cim_modactions

D. sendtophantom

정답: D

최신 SPLK-2003 무료덤프 - Splunk Phantom Certified Admin

우리와 연락하기

유용한 링크

최신 업데이트